The invention relates to mobile telephone handsets and, more particularly, to techniques that aim to reduce the possibilities of reusing a stolen handset.
Theft of mobile telephone handsets has become a real social problem. This has entailed a massive increase of violent theft cases in public places in recent years, due to the theft of such handsets. It has been estimated, for example, that more than 150,000 mobile phones were stolen in 2001 in France alone. With a view to reducing this figure, the French authorities now demand that mobile telephone operators place an identifier of the stolen handsets on a black list. Every mobile handset has a unique identifier, called IMEI (International Mobile Equipment Identity), which is transmitted to the network used for communication. The IMEI of a handset reported as stolen is thus placed on a black list, which is already operational in France. When a handset included in the list attempts to establish communication, it can be blocked.
However, the IMEI is currently stored on a flash memory with poor security. In fact, there are software applications that allow a user to modify the IMEI of a handset, which are widely available on the internet. Therefore, as the European Commission has admitted, it is fairly easy to get around the creation of black lists of stolen handsets.
A technical recommendation by the ETSI proposes making it impossible to change the IMEI after the handset manufacturing process. This recommendation has been implemented mainly by recording the IMEI in a PROM, so that it cannot be physically modified.
This securitisation technique has certain drawbacks. Since the IMEI is read by the operating system of the handset, the use of a fraudulent operating system therefore makes it possible to modify the IMEI through the software in order to send the network a modified IMEI.